catch me if you can a practical framework to evade
play

Catch Me If You Can: A Practical Framework to Evade Censorship in - PowerPoint PPT Presentation

Catch Me If You Can: A Practical Framework to Evade Censorship in Information-Centric Networks Reza Tourani, Satyajayant (Jay) Misra, Joerg Kliewer, Scott Ortegel, Travis Mick Computer Science Department Department of Electrical &


  1. Catch Me If You Can: A Practical Framework to Evade Censorship in Information-Centric Networks † Reza Tourani, Satyajayant (Jay) Misra, Joerg Kliewer, Scott Ortegel, Travis Mick † Computer Science Department Department of Electrical & Computer Engineering New Mexico State University New Jersey Institute of Technology New Mexico State University, NM

  2. Outline  Introduction and Motivation  Problem Definition  Models and Assumptions  Framework Design  Experimental Results  Conclusions and Future Work New Mexico State University, NM

  3. Outline  Introduction and Motivation  Problem Definition  Models and Assumptions  Framework Design  Experimental Results  Conclusions and Future Work New Mexico State University, NM

  4. Censorship is common and widespread. New Mexico State University, NM

  5. Outline  Introduction and Motivation  Problem Definition  Models and Assumptions  Framework Design  Experimental Results  Conclusions and Future Work New Mexico State University, NM

  6. Censorship can be pervasive in ICNs. Blacklist: /facebook.com /Youtube.com Content Name: /facebook.com/user12 New Mexico State University, NM

  7. Tor: Using Onion Routing to evade censors. / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 New Mexico State University, NM

  8. Tor: Using Onion Routing to evade censors. / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 New Mexico State University, NM

  9. ANDaNA / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 New Mexico State University, NM

  10. ANDaNA / facebook.com/user12 / facebook.com/user12 / facebook.com/user12 Too slow and require more infrastructure Can we find something better?!? New Mexico State University, NM

  11. Outline  Introduction and Motivation  Problem Definition  Models and Assumptions  Framework Design  Experimental Results  Conclusions and Future Work New Mexico State University, NM

  12. System Model  Set of users ( U ), Set of routers ( R ), Set of providers ( P ), Set of anonymizers ( A ), Filtering router ( R f )  Each u ∈ U is connected to an R i ∈ R (R i can be filtering/not)  Users can retrieve the set A securely and privately.  Content names follow a conventional (ICN) hierarchical naming scheme (E.g.: /www.facebook.com/user12/frontpage.html ).  𝑁 𝑙 : Name of k-bits; 𝑎 : Encrypted message; N = Alphabet Size. New Mexico State University, NM

  13. Attack Model Passive Active Modify/drop packets, Capture and analyze masquerade as a user Filter/Drop packets But, we use names based on names for caching!! ฀  Privacy-Caching Trade-off: Privacy-preservation is more important than caching resultant efficiency. New Mexico State University, NM

  14. Outline  Introduction and Motivation  Problem Definition  Models and Assumptions  Framework Design  Numerical Results  Conclusions and Future Work New Mexico State University, NM

  15. Preliminaries (Huffman Coding) † leverages the frequency of the source message  Huffman coding symbols for data compression.  Example: The frequency of the alphabet in the source message and the corresponding tree. 62 Alphabet Frequency Codeword 0 1 A 24 0 A 38 1 0 B 12 100 C 10 101 22 16 1 0 0 1 D 8 110 B C D E E 8 111 † D. Huffman et al. A method for the construction of minimum redundancy codes. Proc. IRE, 40(9):1098–1101, 1952. New Mexico State University, NM

  16. Vanilla Huffman Coding is not Secure! /1010100/111110 Plaintext Interest Encoded Interest /CAB/ED /1010100/111110 New Mexico State University, NM

  17. Vanilla Huffman Coding is not Secure! /1010100/111110 /CAB/ED New Mexico State University, NM

  18. How to Augment Vanilla Approach?  Increasing the number of unique coding tables.  Assigning each client a unique coding table that can be changed at certain frequency (as needed).  Sources of randomness: – The Huffman tree structure. – The conventional key. – The alphabet placement on leaf nodes. New Mexico State University, NM

  19. Preliminaries (Tree Structure) Number of mutually independent full binary trees with N leaves (N is the alphabet size) is the (N-1) th Catalan number. 𝐷 𝑂−1 = 2 × 𝑂 − 1 𝑂 ! × 𝑂 − 1 ! ≈ Ω ( 4 𝑂 ! � ) 3 2 𝑂 4! 𝐺𝐺𝐺 𝑂 = 3 ∶ 𝐷 𝑂−1 = 𝐷 2 = 3! × 2! = 2 254! 𝐺𝐺𝐺 𝑂 = 128 ∶ 128! × 127! New Mexico State University, NM

  20. Preliminaries (Conventional Key) Number of mutation trees for a binary tree with N leaves and N-1 internal nodes is 2 ( 𝑂−1 ) (each mutation tree is equivalent to a key). The key is the BFS traversal of the tree. 𝐺𝐺𝐺 𝑂 = 3 ∶ 2 𝑂−1 = 2 3−1 = 4 𝐺𝐺𝐺 𝑂 = 128 ∶ 2 127 0 0 1 0 1 1 0 1 0 1 1 0 0 1 1 0 0101 0110 1001 1010 New Mexico State University, NM

  21. Preliminaries (Alphabet Placement) Number of different alphabet placements on a tree with N leaves is equal to 𝑂 ! . 𝐺𝐺𝐺 𝑂 = 3 ∶ 𝑂 ! = 3! = 6 𝐺𝐺𝐺 𝑂 = 128 ∶ 𝑂 ! = 128! c c b a b a c a b a a b c b c c a b New Mexico State University, NM

  22. A combination of these results in a table. + Combine tree structure and the key perturbation to create different Huffman encoding tables (this study). Assign one each to each client. New Mexico State University, NM

  23. Communication Flow in our framework Initialization Phase Secure interest Huffmanized content interest 𝑚 , 𝑞 𝑗 ℎ ] /Youtube/00110, 𝑞 𝑗∈ [ 𝑞 𝑗 Secure content delivered New Mexico State University, NM

  24. Communication Flow in words  Initialization Phase  Client interest with credentials.  Coding table generation and pseudonym assignment by the anonymizer.  Sharing the coding table and the pseudonym range with the client.  Secure content request  Interest creation with encoded name and an in-range random pseudonym.  Secure content response  Client lookup by the anonymizer through pseudonym.  Interest decoding by the corresponding table.  Extended PIT entry creation for the decoded interest.  Content retrieval from the network and forwarding to the client. New Mexico State University, NM

  25. Privacy Evaluation of the Framework.  Information-theoretic secrecy  Guessing-entropy based secrecy  Breakability due to brute force New Mexico State University, NM

  26. Our Information-Theoretic Secrecy  The per symbol entropy for the alphabet size of N is: 𝑂 𝐼 𝑌 = − � 𝑞 ( 𝑦 𝑙 ) log 𝑞 𝑦 𝑙 = log 𝑂 . 𝑙=1  The selection of a mutation tree uniformly at random results in the key entropy as: 2 𝑂−1 𝐼 𝐿 = − � 𝑞 ( 𝑗 ) log 𝑞 𝑗 = 𝑂 − 1. 𝑗=1  The entropy of a random tree structure selection is: ( 4 𝑂 � ) 3 2 𝑂 = 2 𝑂 − 3 2 𝐼 𝑈 𝑠 = − � 𝑞 ( 𝑘 ) log 𝑞 𝑘 � log( 𝑂 ) . 𝑘=1 New Mexico State University, NM

  27. Attack Scenario 1 and information leakage  Scenario 1 (TKU). The tree structure and the key are unknown: 𝐽 𝑁 𝑙 ; 𝑎 = 𝐼 𝑁 𝑙 − 𝐼 𝑁 𝑙 𝑎 = 𝑙 log 𝑂 − 3𝑂 + 3 2 � log 𝑂 + 1. 𝐺𝐺𝐺 𝑂 = 256 ⇒ 𝑙 ≤ 94.3 ( 𝑚𝑚𝐺𝑚𝑚𝑚𝑚 𝑜𝑚𝑜𝑚 ) New Mexico State University, NM

  28. Attack Scenario 2 and information leakage  Scenario 2 (TK-KU). Tree structure known, but the key is unknown: 𝐽 𝑁 𝑙 ; 𝑎 = 𝐼 𝑁 𝑙 − 𝐼 𝑁 𝑙 𝑎 = 𝑙 log 𝑂 − 𝑂 + 1. 𝐺𝐺𝐺 𝑂 = 256 ⇒ 𝑙 ≤ 31.8 New Mexico State University, NM

  29. Attack Scenario 3 and information leakage  Scenario 3 (TU-KK). Tree structure unknown but key known: 𝐽 𝑁 𝑙 ; 𝑎 = 𝐼 𝑁 𝑙 − 𝐼 𝑁 𝑙 𝑎 = 𝑙 + 3 2 � log 𝑂 − 2𝑂 . 𝐺𝐺𝐺 𝑂 = 256 ⇒ 𝑙 ≤ 62.5 New Mexico State University, NM

  30. Information Leakage Threshold Scenario N=32 N=64 N=128 N=256 N=512 TKU 17.5 30.3 53.2 94.3 169.1 TK-KU 6.2 10.5 18.1 31.8 56.7 TU-KK 11.3 19.8 35.07 62.5 112.2 Maximum possible source message length k (in symbols) for perfect secrecy in i.i.d. messages. AES-128 leaks after 128 bits Leakage ⟹ privacy breach of encrypted message!! New Mexico State University, NM

  31. What is the chance attacker can get lucky? Guessing entropy: The expected number of guesses required by the attacker to ascertain the correct source message from an encoded message. 𝐹 [ 𝐻 𝑁 𝑙 𝑎 ] ≥ 2 𝐼 ( 𝑁 𝑙 | 𝑎 ) −2 + 1. † Hence,  Scenario 1 (TKU): � log 𝑂 −3 ) + 1. 𝐹 [ 𝐻 𝑁 𝑙 𝑎 ] ≥ 2 ( 3𝑂−3 2  Scenario 2 (TK-KU) : 𝐹 [ 𝐻 𝑁 𝑙 𝑎 ] ≥ 2 ( 2𝑂−3 2 � log 𝑂 ) −2 + 1.  Scenario 3 (TU-KK) : 𝐹 [ 𝐻 𝑁 𝑙 𝑎 ] ≥ 2 𝑂−1 −2 + 1. † G. Smith. On the foundations of quantitative information flow. In Foundations of Software Science and Computational Structures, pages 288–302. New Mexico State University, NM

  32. Guessing Entropy Comparison. The lower bound on the guessing entropy. New Mexico State University, NM

Recommend


More recommend